Azure IaaS: Keep critical applications running with built-in resiliency at scale

<p>
    Azure IaaS serves as a robust foundation encompassing compute, storage, and networking, ensuring that organisations remain resilient.
</p>

<p class="wp-block-paragraph"><em>This article is the second part of a blog series titled </em><em>Azure IaaS</em><em> that shares key practices and advice to help you establish a reliable infrastructure platform—focusing on performance, resilience, security, scalability, and cost-efficiency.</em></p>

<p class="wp-block-paragraph">Disruption should not be viewed as a rare occurrence. Instead, it is a reality that organisations must be ready to face. This preparedness begins with making resilience a fundamental design principle rather than an afterthought. Businesses rely on a wide array of applications for their daily operations, from essential internal systems to vital workloads. Within this framework, hardware failures, maintenance activities, zonal disruptions, or even regional incidents can greatly impact availability.</p>

<p class="wp-block-paragraph">The aim of a resilient infrastructure isn’t to assume that disruptions won’t occur; it’s to ensure that services remain operational, impacts remain controlled, and recovery happens swiftly when issues arise. In this context, resilience helps organisations maintain continuity, safeguard customer trust, and operate confidently, even amidst changing conditions.</p>

<p class="wp-block-paragraph"><strong>Azure IaaS</strong> is specifically designed to provide a resilient operational environment, offering enterprise-grade resilience. However, the effectiveness of this resilience hinges on how features across compute, storage, and networking are integrated within customer setups to sustain availability during disruptions. Resilience is a shared responsibility: <strong>Azure IaaS</strong> provides a resilient platform with built-in capabilities for availability, continuity, and recovery, while customers must tailor and configure workloads to meet their unique business and operational needs.</p>

<p class="wp-block-paragraph">Creating a resilient architecture is not a one-off decision and is often more complicated than it appears. As systems become more distributed and workload demands intensify, the <strong>Azure IaaS Resource Center</strong> is an invaluable resource offering tutorials, best practices, and guidance for organisations looking to build and manage resilient infrastructure with confidence.</p>

<h2 class="wp-block-heading" id="resiliency-built-into-the-foundation-of-mission-critical-applications">Embedding Resilience in Essential Applications</h2>

<p class="wp-block-paragraph">When an application is particularly mission-critical, downtime isn’t just a minor nuisance; it can disrupt customer transactions, hinder operations, and harm employee productivity, resulting in significant financial and reputational damage. That’s why the design for resilience begins with a shift in mindset. Rather than asking if a disruption will occur, consider how the application should respond when it does.</p>

<p class="wp-block-paragraph"><strong>Azure IaaS</strong> assists customers in achieving this through built-in features that support isolation, redundancy, failover, and recovery across the entire infrastructure stack. The benefits of these features extend beyond technical specifications; they have tangible operational value. They allow organisations to minimise the impact of disruptions, enhance continuity, and enable more predictable recovery during critical service stress.</p>

<h2 class="wp-block-heading" id="keep-applications-available-with-resilient-compute-design">Ensure Application Availability with Resilient Compute Design</h2>

<p class="wp-block-paragraph">Compute resilience begins with careful placement and isolation. For instance, if all the virtual machines for an application are too closely clustered, a localised event could have a broader impact than anticipated.</p>

<p class="wp-block-paragraph">For applications requiring both scalability and availability, <strong>Virtual Machine Scale Sets</strong> automate deployment and management, spreading instances across availability zones and fault domains. This is particularly beneficial for front-end tiers, application tiers, and other distributed services, where having sufficient healthy instances is crucial for continued operation.</p>

<p class="wp-block-paragraph">To ensure broader protection, availability zones offer data centre-level isolation within a region. Each zone operates independently in terms of power, cooling, and networking, allowing businesses to design applications across zones. This way, if one zone experiences issues, healthy instances in another zone can still support the workload.</p>

<p class="wp-block-paragraph">Collectively, these capabilities help organisations eliminate single points of failure and develop compute architectures that are well-equipped to handle localised infrastructure issues, planned maintenance, and zonal disruptions.</p>

<figure data-wp-context="{&quot;imageId&quot;:&quot;69d02d100f2ba&quot;}" data-wp-interactive="core/image" class="wp-block-image aligncenter size-large wp-lightbox-container">
    <img decoding="async" alt="3D resilient apps flowchart including Azure Portal, Azure Copilot, and PowerShell CLI" class="wp-image-50165 webp-format"   src="https://azure.microsoft.com/en-us/blog/wp-content/uploads/2026/04/BRK148-Architect-Resilient-Apps-Breakout-1024x576.webp"/>
    <button class="lightbox-trigger" type="button" aria-haspopup="dialog" aria-label="Enlarge"> 
        <svg xmlns="http://www.w3.org/2000/svg" width="12" height="12" fill="none" viewbox="0 0 12 12"> 
            <path fill="#fff" d="M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z"/> 
        </svg> 
    </button>
</figure>

<h2 class="wp-block-heading" id="build-continuity-and-recovery-on-a-resilient-storage-foundation">Establish Continuity and Recovery on a Resilient Storage Foundation</h2>

<p class="wp-block-paragraph">When disruptions happen, organisations need to know that their application data is durable, accessible, and recoverable. Azure offers various storage redundancy models tailored to meet those needs. Locally redundant storage (LRS) maintains several copies of data within a single data centre. Zone-redundant storage (ZRS) replicates data across availability zones in a region, providing additional protection against zonal failures. For cross-regional resilience, geo-redundant storage (GRS) and read-access geo-redundant storage (RA-GRS) extend this protection to a secondary region.</p>

<p class="wp-block-paragraph">For <strong>managed disks</strong> and virtual machine workloads, recovery is also influenced by features such as snapshots, <strong>Azure Backup</strong>, and <strong>Azure Site Recovery</strong>. These capabilities are not merely abstract backup solutions; they define how much data an organisation can afford to lose and how swiftly an application can be restored after an incident.</p>

<p class="wp-block-paragraph">This is why storage decisions should involve more than just performance or capacity discussions. For stateful applications, especially, storage plays a crucial role in defining recovery time objectives, recovery point objectives, and the larger picture of how a business resumes operation after a disruption.</p>

<h2 class="wp-block-heading" id="keep-network-traffic-moving-when-conditions-change">Maintain Network Traffic Flow During Changes</h2>

<p class="wp-block-paragraph">An application is not truly available if users and dependent services cannot access it. Even if compute and storage remain operational, traffic interruptions can lead to user-facing outages during manageable infrastructure events.</p>

<p class="wp-block-paragraph">This is where networking plays a vital role in resilience. Azure networking services ensure reachability by distributing traffic across healthy resources and redirecting traffic when conditions change. The <strong>Azure Load Balancer</strong> helps distribute traffic across available instances, while the <strong>Application Gateway</strong> provides intelligent Layer 7 routing for web applications. Additionally, <strong>Traffic Manager</strong> employs DNS-based routing across endpoints, and <strong>Azure Front Door</strong> manages and reroutes internet traffic globally.</p>

<p class="wp-block-paragraph">For customers, the practical value is immense. A well-designed network means that when one instance, zone, or endpoint becomes unavailable, traffic can divert to a healthy pathway rather than stopping completely. This can be the difference between a momentary, unnoticed reroute and a noticeable outage for users.</p>

<p class="wp-block-paragraph">In mission-critical situations, resilient networking is what links a healthy infrastructure to genuine continuity.</p>

<h2 class="wp-block-heading" id="tailor-resiliency-to-what-each-workload-demands">Customise Resilience Based on Workload Needs</h2>

<p class="wp-block-paragraph">Not every workload requires the same resilience strategy, and recognising these differences is crucial for effective design and architecture. A stateless application layer may benefit most from autoscaling, zone distribution, and quick instance replacement. Conversely, a stateful workload might necessitate robust replication, backup, and failover planning since continuity depends on both data integrity and compute availability.</p>

<p class="wp-block-paragraph">Mission-critical workloads often demand more rigor across all layers. They might require stricter recovery targets, extensive failure isolation, and more thoroughly tested recovery paths compared to less critical internal systems. This doesn’t mean every workload requires maximum redundancy; rather, the resilience architecture should be influenced by its business impact.</p>

<p class="wp-block-paragraph"><strong>Azure IaaS</strong> offers customers the flexibility to support different patterns depending on workload importance, operational needs, and acceptable trade-offs concerning cost, complexity, and recovery speed.</p>

<h2 class="wp-block-heading" id="make-every-migration-a-chance-to-build-greater-resiliency">Leverage Migrations to Enhance Resilience</h2>

<p class="wp-block-paragraph">Whether organisations are moving existing applications or launching new ones on Azure, these transition moments are excellent opportunities to build resilience from the outset. It’s a chance to reassess architectural decisions, eliminate inherited single points of failure, and design for improved continuity across compute, storage, and networking.</p>

<p class="wp-block-paragraph">Unfortunately, too often, a move to the cloud simply replicates existing infrastructure patterns and the same risks. However, migration—or new deployments—can be much more valuable. For instance, Carne Group demonstrated how its migration to Azure transformed into a broader resilience strategy, combining <strong>Azure Site Recovery</strong> with Terraform-based landing zones to facilitate cutover while enhancing recovery readiness and operational resilience.</p>

<blockquote class="wp-block-quote is-layout-flow wp-block-quote-is-layout-flow">
    <p class="has-large-font-size wp-block-paragraph">Once we implemented Infrastructure as Code (IaC), we could quickly set up a duplicate site in another region. Even in the worst-case scenario, we could be back up and running within the same day.</p>
    <cite>Stéphane Bebrone, Global Technology Lead at Carne Group</cite>
</blockquote>

<p class="wp-block-paragraph">This highlights the significance of infrastructure as code and deployment automation. By using repeatable deployment templates and CI/CD workflows, teams can standardise resilient architectures, reduce configuration inconsistencies, and consistently recover environments during changes or disruptions.</p>

<p class="wp-block-paragraph"><strong>Azure Site Recovery</strong> is a core feature of Azure for ensuring <strong>regional resilience</strong>, allowing workloads to be replicated and restarted in another Azure region at will. Customers retain control over <strong>where and when workloads are moved</strong>, ensuring recovery aligns with capacity, compliance, and regional availability requirements.</p>

<p class="wp-block-paragraph">Other services like <strong>Azure Migrate</strong>, <strong>Azure Storage Mover</strong>, and <strong>Azure Data Box</strong> assist with various migration scenarios. Additionally, [<strong>GitHub</strong>](https://azure.github.io/Azure-Verified-Modules/) and pipeline-based deployment methods help integrate resilience over time.</p>

<p class="wp-block-paragraph">This perspective extends beyond mere migration. Whether a workload is being transitioned, modernised, or created anew on Azure, integrating resilience into the deployment strategy from the beginning is crucial, rather than tacking it on later.</p>

<h2 class="wp-block-heading" id="maintain-resiliency-after-deployment-as-workloads-evolve">Sustain Resilience as Workloads Develop Over Time</h2>

<p class="wp-block-paragraph">Maintaining resilience is also an ongoing necessity. As workloads evolve and expand, configuration drift, new dependencies, and changing recovery expectations can undermine the initial architecture. The most resilient organisations routinely validate preparedness through testing, drills, fault simulations, and observability practices that assist teams in identifying issues early, understanding root causes, and implementing well-informed corrections. <strong><a href="https://github.com/Azure/ResiliencyInAzure">Resiliency in Azure</a></strong> has been previewed at Ignite to assist organisations in assessing, improving, and validating application resilience, with a public preview expected for Microsoft Build 2026.</p>

<p class="wp-block-paragraph"><strong>Azure IaaS</strong> delivers foundational features across compute, storage, and networking, but resilient outcomes are contingent on how these capabilities are effectively integrated and operationalised. By designing with disruptions in mind, organisations can create architectures that maintain higher availability, better protect critical data, and ensure recovery is more predictable when incidents occur.</p>

<p class="wp-block-paragraph">For more detailed insights, explore the <strong>Azure IaaS Resource Center</strong> for tutorials, best practices, and guidance across compute, storage, and networking to help you design and implement resilient infrastructure with greater confidence.</p>

<p class="wp-block-paragraph"><strong>Have you missed any posts in the Azure IaaS series?</strong></p>

<aside class="cta-block cta-block--align-left cta-block--has-image wp-block-msx-cta" data-bi-an="CTA Block">
    <div class="cta-block__content">
        <div class="cta-block__image-container">
            <img decoding="async" width="1024" height="683" src="https://azure.microsoft.com/en-us/blog/wp-content/uploads/2026/03/CLO23_Collaboration_014-1024x683.jpg" class="cta-block__image" alt="Person with headphones, smiling."  />
        </div>

        <div class="cta-block__body">
            <h2 class="cta-block__headline">Build a Resilient Infrastructure with Azure</h2>
            <p class="cta-block__text">Head to the Azure IaaS Resource Center to start enhancing your infrastructure today.</p>
        </div>
    </div>
</aside>